Canadian hospital employees leaked personal details to financial firms

Share this article:

Up to 8,300 patients had their personal information stolen and given to financial companies by staff at Ontario's Rouge Valley Centenary Hospital, it was revealed.

Two staff at the health care facility, in the city of Scarborough, were paid by outside companies to deliver names, addresses and phone numbers. These were then used to contact families to sell Registered Education Savings Plans (RESPs), a spokesman for the hospital reportedly said. RESPs are investment schemes designed to prepare for a child's post secondary education.

The breach was discovered in two parts. The biggest, involving 7,600 patients, was discovered in October. A second, smaller breach came to light in March this year. Most of the individuals affected were new mothers.

Ann Cavoukian, Ontario privacy commissioner, and the Ontario Securities Commission are investigating the incident. The two employees involved no longer work at the hospital.

Share this article:
You must be a registered member of SC Magazine to post a comment.

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

THE LATEST ISSUE

Features

Archive of SC Magazine Canada

SC Magazine Canada

More in SC Canada

Almost 40 percent of Canada's Justice Department duped by phishing

Almost one in four employees at Canada's Justice Department fell prey to internet phishing in an exercise last December.

Microsoft wavers on Canadian spam fears

Microsoft has reconsidered a move to cease security emails in Canada, following the introduction of an anti-spam law north of the border.

Underinvestment, poor communication plague Canadian cybersecurity

Canadian cybersecurity is languishing due to poor communication and disappointing security investments, according to research from the Ponemon Institute.